Security News

After Cummings' Barnard Castle trip, cheeky Britons started using the word 'vision' in their passwords
2020-11-05 15:45

Britons began using the word "Vision" in their passwords after prime ministerial advisor Dominic Cummings was caught travelling across the country from his parents' farm in Durham to Barnard Castle "To test" his eyesight, according to research from Pen Test Partners. Intriguingly, the use of the word "Computer" in passwords declined substantially from peaks seen in October and November 2019, something PTP attributed to people associating the word with the desktop machines seen in their workplaces.

Emotet malware now wants you to upgrade Microsoft Word
2020-10-24 11:05

Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.

Emotet malware now lures you with Microsoft Word upgrades
2020-10-24 11:05

Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.

This NSA, FBI security advisory has four words you never want to see together: Fancy Bear Linux rootkit
2020-08-13 23:48

The NSA and FBI are sounding the alarm over a dangerous new strain of Linux malware being employed by Russian government hackers often dubbed the Fancy Bear crew. Uncle Sam explicitly said on Thursday the miscreants - formally known as the 85th Main Special Service Center - operate within the Russian intelligence directorate, aka the GRU. The software nasty in question is Drovorub, a rootkit designed to infect Linux systems, take control of them, and siphon off files.

Three words you do not want to hear regarding a 'secure browser' called SafePay... Remote. Code. Execution
2020-06-24 07:51

Folks running Bitdefender's Total Security 2020 package should check they have the latest version installed following the disclosure of a remote code execution bug. Palant said the vulnerability was within a component called Online Protection within that suite, meaning it could be exploited by any website opened in any browser on any computer running Bitdefender's vulnerable antivirus package.

Three words do you not want to hear regarding a 'secure browser' called SafePay: Remote. Code. Execution
2020-06-24 07:51

Folks running Bitdefender's Total Security 2020 package should check they have the latest version installed following the disclosure of a remote code execution bug. Palant said the vulnerability was within a component called Online Protection within that suite, meaning it could be exploited by any website opened in any browser on any computer running Bitdefender's vulnerable antivirus package.

iPhone “word of death” could crash your phone – what you need to know
2020-04-28 16:25

A weird combination of Unicode characters that make up a nonsense word can crash your iPhone, apparently by confusing the iOS operating system when it tries to figure out how to display the "Word". We don't know how to read Arabic writing, or indeed the text of any Semitic language, but we do know that the writing systems of these languages generally differ from most European languages.

Fooling NLP Systems Through Word Swapping
2020-04-28 15:38

The software, developed by a team at MIT, looks for the words in a sentence that are most important to an NLP classifier and replaces them with a synonym that a human would find natural. Abstract: Machine learning algorithms are often vulnerable to adversarial examples that have imperceptible alterations from the original counterparts but can fool the state-of-the-art models.

Nigerian spammer made 3X average national salary firehosing macro-laden Word docs at world+dog
2020-03-17 13:38

A most entertaining piece of threat research from Check Point gives a unique insight into the "Working" life of a Nigerian email spammer who made thousands of dollars from stolen credit cards alone in recent years. Behind that facade of respectability, "Dton" was in fact an email spammer - a spammer working as part of a Nigerian cybercrime syndicate that generates its ill-gotten gains through buying and using stolen credit card details.

Zynga Faces Lawsuit Over Massive Words with Friends Breach
2020-03-05 20:42

Mobile game developer Zynga could face a class-action lawsuit stemming from a massive data breach last September, which impacted 218 million users of the Words with Friends mobile app. According to a third-party analysis, that data included names, emails, user IDs, salted passwords, password reset tokens, Zynga account IDs, and connections to Facebook and other social media services.